Highlights
Phase 0 hardening release. Closes all four security/ops gaps from the GPT-5.4 review against docs/ROADMAP.md Phase 0. All four mechanisms ship opt-in by default — zero breaking changes for callers that don't set the new env vars.
- H1 (#113) — per-cycle LLM budget caps with reason-coded hard stops + per-provider circuit breaker
- H2 (#114) — dashboard HTTP auth (viewer/operator roles) + CSRF + bind-safety refusal
- H3 (#115) — webhook HMAC-SHA-256 signing + timestamp + 5-min replay window
- H4 (#116) — MCP db/workspace path allowlist + admin-mode bypass
Env vars reference
| Env var | Default | Purpose |
|---|---|---|
MEMORYMASTER_MAX_LLM_CALLS_PER_CYCLE |
0 (unlimited) | H1 cycle call cap |
MEMORYMASTER_MAX_TOKENS_PER_CYCLE |
0 (unlimited) | H1 cycle token cap |
MEMORYMASTER_MAX_PROVIDER_FAILURES_PER_CYCLE |
0 (unlimited) | H1 per-provider breaker |
MEMORYMASTER_DASHBOARD_TOKEN_VIEWER |
unset (legacy) | H2 read-only bearer |
MEMORYMASTER_DASHBOARD_TOKEN_OPERATOR |
unset (legacy) | H2 mutating bearer |
MEMORYMASTER_DASHBOARD_UNSAFE_BIND |
unset (refuse) | H2 non-loopback escape |
MEMORYMASTER_WEBHOOK_SECRET |
unset (no sig) | H3 HMAC signing key |
MEMORYMASTER_MCP_DB_ALLOWLIST |
unset (allow all) | H4 DB path allowlist |
MEMORYMASTER_MCP_WORKSPACE_ALLOWLIST |
unset (allow all) | H4 workspace allowlist |
MEMORYMASTER_MCP_ADMIN_MODE |
unset (enforce) | H4 allowlist bypass |
Tests
63 new tests, zero regressions on pre-existing suites.
test_llm_budget.py— 8 teststest_dashboard_auth.py— 25 tests (19 unit + 6 end-to-end HTTP)test_webhook_hmac.py— 13 teststest_mcp_path_policy.py— 17 tests (12 unit + 5 chokepoint integration)
What's next
- v3.20.0 — Phase 1 storage discipline (versioned migrations + SQLite/Postgres parity gate)
- A1 full LongMemEval-S QA-accuracy publication run — mechanism shipped in v3.18.0 (#109), now safer with H1 budget caps in place